Am 26. April 2021 19:57:03 MESZ schrieb Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>: >On Mon, Apr 26, 2021 at 07:51:11PM +0200, Frank Wunderlich wrote: >> Hi Pablo, >> >> Is alex' guess right and i need to use physical interface instead of >> the virtual one? > >Confusing, you reported an example that works: > >http://forum.banana-pi.org/t/new-netfilter-flow-table-based-hnat/12049/30 > >That was in March 2021. That was a test without ppp/vlan/bridge on my test device (to make performance test and looking for bindings on simple setup). Now i'm working on my main router where i use pppoe to my isp which needs to be encapsulated into a vlan (to separate from voip). >> In my case i have ppp connection over vlan on wan port. >> >> ppp8 => wan.110 => wan >> >> Lan side (bridge) may work,but for ppp it sounds wrong to me. > >Just add the 'wan' device to the flowtable, as you did back in March. Ok, i try it...If this works also for traffic routed to the ppp interface then it is ok. Forwarding is done from lanbr0 to ppp8 virtual interfaces not to physical interfaces directly like i've done on test in March regards Frank